Find out more about how LogRhythm can help organizations fulfill The Federal Information Security Management Act (FISMA) requirements in documentation and implementation of controls for IT systems that support operations and assets.
LogRhythm Compliance Support for FISMA The Federal Information Security Management Act (FISMA) requires that all federal agencies document and implement controls for information technology systems that support their operations and assets. Standards and guidelines have been developed and published by the National Institute of Standards and Technology (NIST). These published guidelines cover many areas surrounding "access control", "audit and accountability", "incident response", and "system and information integrity". Each agency is responsible for implementing the minimum security requirements as outlined by NIST. Agencies are periodically scored to determine their compliance level. Results are presented to Congress. Poor performance can result in penalties and be of general embarrassment to agency management and staff. The collection, management, and analysis of log data is integral to meeting many FISMA requirements. The use of LogRhythm directly meets some requirements and decreases the cost of complying with others. IT environments consist of heterogeneous devices, systems, and applications - all reporting log data. Millions of individual log entries can be generated daily if not hourly. The task of organizing this information can be overwhelming in itself. The additional requirements of analyzing and reporting on log data render manual processes or homegrown remedies inadequate and costly. LogRhythm can help. Log collection, archive, and recovery is fully automated across the entire IT infrastructure. LogRhythm automatically performs the first level of log analysis. Log data is categorized, identified, and normalized for easy analysis and reporting. LogRhythm's powerful alerting capability automatically identifies the most critical issues and notifies relevant personnel. With the click of a mouse, LogRhythm's out-of-the box FISMA reporting packages ensure you meet your reporting requirements. LogRhythm Report Center Screenshot FISMA and its "17 minimum security requirements" require organizations implement and perform procedures to effectively "capture", "monitor", "review", and "retain" log data. The remainder of this paper lists the applicable FISMA control requirements, as specified in NIST 800-53, that LogRhythm helps address. For each requirement, an explanation of how LogRhythm supports compliance is provided. Learn how LogRhythm's comprehensive log management and analysis solution can help your organization meet or exceed FISMA regulatory requirements.
Copyright 2008 LogRhythm, Inc. All Rights Reserved Page 1 of 9
LogRhythm Compliance Support for FISMA
AC Access Control
NIST 800-53 Compliance Requirement
How LogRhythm Supports Compliance
LogRhythm collects all account management activities. LogRhythm
reports provide easy and standard review of all account management
AC-2
The organization manages information system accounts,
activity:
including establishing, activating, modifying, reviewing,
Example Reports:
Account
disabling, and removing accounts. The organization reviews
. Account Creation Activity
Management information system accounts
. Account Modification Activity
. Disabled Accounts Summary
. Removed Account Summary
LogRhythm collects all access activity. LogRhythm reports provide easy
AC-3
The information system enforces assigned authorizations for and independent review of access control settings and enforcement.
controlling access to the system in accordance with applicable Example Reports:
Access
policy.
Enforcement
. Successful/Failed Host Access by User
. Successful/Failed Application Access by User
. Successful/Failed File Access by User
AC-5
The information system enforces separation of duties through LogRhythm collects all access activity. LogRhythm analysis facilities and
assigned access authorizations
reporting provide easy review of user access for independently ensuring
Separation of
access control settings separate duties.
Duties
AC-6
The information system enforces the most restrictive set of
LogRhythm analysis facilities and reporting provide easy and independent
<... [download for more]
